Configuring multiple Base clusters with one ECS cluster
You can configure one Embedded Container Service (ECS) cluster to work with multiple CDP Private Cloud Base clusters managed by separate instances of Cloudera Manager. In order to do this you must first create a combined truststore .pem file that contains the ECS Control Plane truststore .pem file appended with the certificate files of each of the CDP Private Cloud Base clusters.
Use the following steps to configure one ECS cluster to work with multiple CDP Private Cloud Base clusters:
- Append the ECS Control Plane truststore .pem file with the certificate files from the additional CDP Private Cloud Base clusters.
- Register an ECS environment with each of the additional CDP Private Cloud Base clusters.
- Create data services within each environment.
Step 1: Append the ECS Control Plane truststore .pem file with the certificate files from the Base clusters
- On the ECS Control Plane, run the following
kubectl
command to get the contents of the configmap:kubectl get configmap cdp-private-installer-truststore -n cdp -o yaml > cdp-private-installer-truststore.yaml
- Copy the truststorePEM content, decode it, and store it in a file. For example:
echo LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURhakNDQWxJQ0NRRG5iNnhmK0dQR1l6QU5CZ2txaGtpRzl3MEJBUXNGQURCWk1Rc3dDUV lEVlFRR0V3SlYKVXpFTE1Ba0dBMVVFQ0F3Q1EwRXhDekFKQmdOVkJBY01BbE5ETVEwd0N3WURWUVFLREFSRFRFUlNNUXd3Q2dZRApWUVFMREFOQ1RGS XhFekFSQmdOVkJBTU1DaW91YUhkNExuTnBkR1V3SGhjTk1qTXhNVEV3TVRRME1qUXdXaGNOCk1qUXhNVEE1TVRRME1qUXdXakFWTVJNd0VRWURWUVFE REFvcUxtaDNlQzV6YVhSbE1JSUJvakFOQmdrcWhraUcKOXcwQkFRRUZBQU9DQVk4QU1JSUJpZ0tDQVlFQS9lZkJtK05IQTdWUTF1M05qK3ZoRGFRV0p JcUhFbVcxOFlpYgpBQUdiYmlvYi9YYnY0aTRINU81MXV3SjJ1cWowaktUM3dBU3l0UG0yS0p1RE9vVXMveWhJc0xuK3VOWlMzd292CkNxSk5RcWpRT3 N2RUVITU5ZZ3JOWExMclhlbHZHTXl4aG16bVFlSEhHTkZhcldENVkwd1laMVVIaG00a0pUUTUKTFhoZm1JVjJlTUJieE4ySVB2WU1TV1AvYmo4ekF3a k50OHQvVUhhaFRTeWljUktEWitsMGxoeGt0cHpzdmxmcQo4eXNCVTBBQ2MvbWp2bGNWS0xyNVVRSTRadVNFb2ZRK1QyaEpITEZNQ0N4bFJvcWN5aFo0 QmtlZmZwaUhIOGJHCm9kd2tSaHRRMVFJcFFxSklCLytCOWNZbkFjYlBFaHlXekh1TGlqakl5VTZOYWZ3SmpoTG1SVmptRmpWNzNvZmgKanJ4V1BtVyt FSDJZODRWK3RpOVdIZE5LQW9KNzU4bzZaSmJsc3ZBRVBNVytBVmw2clFMTTFPZXN1UTNtczcxMwpWOENObFBWVEQ0UGdpaythOG1YV3FWZkVZN2F1V3 N1YnIwUkIyeFliWHBHd21WdWxrSjdYRURHOEpmN2hFNzRqCkRhMlJaeWN5YXdScGF3SXV2V1kwWGtoSktOOTNBZ01CQUFFd0RRWUpLb1pJaHZjTkFRR UxCUUFEZ2dFQkFDcTcKSDU5R2lnKy9iUVB3enhmUmF6d1hXM09mT3M1UjNnU0hGeDRmS1BXVlN5TjEwaW5Obmdxejd4R2dYVnBpRDdWNApQRGVXZFRZ MjdHN2w3ZHBjek1FS2ptN25XOUp3RW05S3dyRndWRWh0OWEzNjVvUnhqTzA3Y09VanZYaEwydkx1Cnk1eHRYZlJyZXlPalNmZDVxcnlKVlBoMDBHb0N UWTViMy9wK25saWJUUmNkY29mQkFTU0VhbnhaVDJoc1B2V3kKSG9PVkVGSm1rTnVxRHJhS2YySlFxRnR4aGs0MFIvUW9LVUpKUTgzUWIxZHBmWWVCdE 9lWXRVNExmQWV3Y0RuRwpFWUQvYVplblgwU2cxRTRoRS9NaUNFN2R6ZzY4TVVPeWVBV1pCelJuMHBEZ1VtanpTOUNndi9GQ240MjV0QnR5Cis5anY1W it3TVNkd1VZL2VudEE9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURlekNDQW1PZ0F3SUJB Z0lVQWRidE11Q3JycVRMYlUzRzhPakZRUW5YNGY4d0RRWUpLb1pJaHZjTkFRRUwKQlFBd1dURUxNQWtHQTFVRUJoTUNWVk14Q3pBSkJnTlZCQWdNQWt OQk1Rc3dDUVlEVlFRSERBSlRRekVOTUFzRwpBMVVFQ2d3RVEweEVVakVNTUFvR0ExVUVDd3dEUWt4U01STXdFUVlEVlFRRERBb3FMbWgzZUM1emFYUm xNQjRYCkRUSXpNVEV4TURFek1UTXpOVm9YRFRJMU1URXdPVEV6TVRNek5Wb3dXVEVMTUFrR0ExVUVCaE1DVlZNeEN6QUoKQmdOVkJBZ01Ba05CTVFzd 0NRWURWUVFIREFKVFF6RU5NQXNHQTFVRUNnd0VRMHhFVWpFTU1Bb0dBMVVFQ3d3RApRa3hTTVJNd0VRWURWUVFEREFvcUxtaDNlQzV6YVhSbE1JSUJJ akFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBCk1JSUJDZ0tDQVFFQXczQXBYeXg4dkxXSVZqSlpLZzNpb29XcGdtNjZwN2gxWCtRWUVVZ0Q0VEc3dkZ 2OGNUckkKdzlaZ1VpcW1zUTVJRlZxRk5lcEFpSFBteUxscDl1d1RhTEthdm9IZ2pXU0p1K2dwaUdiMHJiR1hkM3ltYkw5Rwp2Sm1pNmtPZW9SeHpQbk N5SVVEa3NmU3kzdE5pWlNRRFRubmhUWk9Zc2tmbDdZK1VYaVJVS2NBNExkWTBWSTVJCnpmRlR0cW5qM0o4SnJ6d0dJd1NoK0ZNdHRyWFQ5WFI5bzVpL 0M2cWh0L1JwbEx3QTB6ZVlYSDhkNjl2Ykw4T1EKemREeXZlcmptRXZjS3F1bGo4NU1CSTZwcVRGb21QcEp5VVlxS0cwN2U1WDN0QmZiVzk2QXdYT1BT SFd0QlpndwpyeTVFbzRxWVRJMGZmYlFCS3ZIVElzYTd3T0xmRzAvK3J3SURBUUFCb3pzd09UQUxCZ05WSFE4RUJBTUNCREF3CkV3WURWUjBsQkF3d0N nWUlLd1lCQlFVSEF3RXdGUVlEVlIwUkJBNHdESUlLS2k1b2QzZ3VjMmwwWlRBTkJna3EKaGtpRzl3MEJBUXNGQUFPQ0FRRUFtKzFZUlg5M2k1Q1FPQl FIVVZ2Y2M1OWFMb2Y3SnJxcGNaN0NOaGJXMzc4Zgo3RTNpTjhBY1BNQ0dvZllTeWFrblQxVlkwdDNiVXhtSTFSdXdEUXNDU3U1MmlhYnhIVUhrOFBEQ jk5NTRxL3RtCkh4MXpVR0VURkZaZHdkb0dDMk14Ui9WdU9wbExza2hEc0ZJZmpaZC81clVrL1QvMUxUaC8zMExBbGhPVzNtek8KZFJWWC9LR2QyWGZ3 SFNzQ3FRTFk4WGZQM0d3WHgrTmVUY09vTEQycXYvYW1kMnY1dlVtdXpONzErZjR3bXVvbwpaZ1JiYk9OSkMvdzVzV3MvWVRaODd1M1JNUWExd2gvckl YMk1QMzNTMG1SeHJkSXlpeGMxamF6ZTYxWmRUUnk5Ck9NQ2RmZEpGNFE1RndmODdWSWpYZXdPemdQVnFJVGVNVW1vcy9HR0p0UT09Ci0tLS0tRU5EIE NFUlRJRklDQVRFLS0tLS0= | base64 -d > cdp-private-installer-truststore.pem
- Obtain the truststore .pem file from the first additional Cloudera Manager host from
/var/lib/cloudera-scm-agent/agent-cert/cm-auto-global_cacerts.pem
or/opt/cloudera/CMCA/trust-store/cm-auto-global_cacerts.pem
and copy the contents. - Append the
cdp-private-installer-truststore.pem
file created previously with the contents of the Cloudera Manager .pem file. - Repeat the previous two steps for all additional Cloudera Manager hosts you would like to register environments with.
- Log in to the ECS cluster Management Console and click Administration > CA
Certificates. Select Datalake in the CA
Certificate Type drop-down, click Choose File, then select the
appended
cdp-private-installer-truststore.pem
file and click Upload. Click Save to save your changes.You can also use the following CLI commands to upload the
cdp-private-installer-truststore.pem
file and update the global truststore with the encoded certificate file content:cat cdp-private-installer-truststore.pem | base64 cdp environments --set-environment-setting --settings truststorePEM=<base64 encoded CM cert> --no-verify-tls
Step 2: Register an ECS environment with each of the additional Base clusters
- Log in to the ECS cluster Management Console and Register an environment for the first additional Base cluster using the applicable Cloudera Manager URL and credentials.
- Repeat the previous step for the rest of the additional Base clusters.
Step 3: Create data services within each environment
Refer to the following topics to create the data services of your choice in each environment: